summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authormsquare <msquare@notrademark.de>2017-12-14 14:56:29 +0100
committermsquare <msquare@notrademark.de>2017-12-14 14:56:29 +0100
commit952dc6921acb275de74dd33be2ecb01986bfdd49 (patch)
tree962874c1b554f6b8eaaaaf685f81fe69687b4282
parentc70e268a2e25855391a53240a9ca783c3a7a94dd (diff)
undo of fix #382: XXE DoS in engelsystem - the feature is actually needed for xcal files
-rw-r--r--includes/pages/admin_import.php2
1 files changed, 0 insertions, 2 deletions
diff --git a/includes/pages/admin_import.php b/includes/pages/admin_import.php
index 4faca183..4b0f35de 100644
--- a/includes/pages/admin_import.php
+++ b/includes/pages/admin_import.php
@@ -80,7 +80,6 @@ function admin_import()
if (isset($_FILES['xcal_file']) && ($_FILES['xcal_file']['error'] == 0)) {
if (move_uploaded_file($_FILES['xcal_file']['tmp_name'], $import_file)) {
libxml_use_internal_errors(true);
- libxml_disable_entity_loader(true);
if (simplexml_load_file($import_file) === false) {
$valid = false;
error(_('No valid xml/xcal file provided.'));
@@ -425,7 +424,6 @@ function read_xml($file)
global $xml_import;
if (!isset($xml_import)) {
libxml_use_internal_errors(true);
- libxml_disable_entity_loader(true);
$xml_import = simplexml_load_file($file);
}
return $xml_import;